1
@solarwinds
Why Your ObservabilITy Strategy Needs
Security ObservabilITy!
Glenn Lazarus
CEO
ATS Network Management
2
Digital Transformation Is Accelerating Across Organizations of All Sizes
To harness new growth opportunities, organizations are:
• Leveraging multi-cloud deployments
• Modernizing operations, apps, and databases
• Supporting increasingly remote work
However, severe challenges abound:
• Stagnant IT budgets and resource constraints
• Complexity, security, and productivity challenges
• Stringent uptime and service-level agreement (SLA) requirements
3
Technology Landscapes Powering Transformation Are Increasingly Complex
Consequences: information silos and tool sprawl, high risk and cost, manual root cause analysis, poor service delivery, low productivity.
Example of a single environment for an upper-mid-market customer: the slide's figure counts infrastructure nodes, applications, databases and cloud services in the hundreds to thousands, spread across Data Center 1, Data Center 2, a branch office, cloud and SaaS, serving customers, partners, and employees, and monitored by a patchwork of separate tools (several network vendor tools, app vendor tools, hardware vendor tools, a user vendor tool, a free cloud tool and an open-source tool).
Drivers: modernization of apps and databases; DevOps, CloudOps, and AIOps teams; infrastructure as a service (IaaS), SD-WAN, secure access service edge (SASE); hybrid and multi-cloud and cloud-native.
4
Customer Challenges
Limited visibility across the technology stack
• Tool sprawl requires staff to develop and maintain skills in different operating environments
• Multiple information sources add complexity and time to issue resolution, leading to operational inefficiencies
• Business services distributed across hybrid cloud environments present unique challenges for troubleshooting, optimization, and security
• Too many alerts can cause fatigue or be ignored, putting customer and end-user experience at risk
• Missed SLAs and service-level objectives (SLOs) can result in additional costs through fines
Need greater control over complex systems
5
Monitoring Is the Foundation for Observability
Evolve from reactive monitoring of WHAT has happened (historically, or more like yesterday) to proactive observability into WHY something is happening, and gain actionable insights.
6
Observability trends for 2024
7
Simplify and extend Hybrid Cloud Observability
Eliminate tool sprawl
Gain a unified solution with single-pane-of-glass monitoring and actionable intelligence to help expedite problem resolution and enable proactive management across hybrid environments.
Reduce alert fatigue and risk
Correlate problems that happened simultaneously on related devices with customizable alerts to help enable faster remediation, reduce alert fatigue, and increase automation.
Gain deployment flexibility
Drive growth initiatives with flexible licensing, enabling you to purchase the nodes you need and deploy however you need in your environment. Further your cloud modernization efforts with flexible deployment options on-premises or self-hosted in the cloud.
Be cloud-ready
Comprehensive observability across hybrid environments, empowering you to integrate today and evolve as your business needs dictate.
Security
Help organizations better understand the complex vulnerabilities within their environments while providing real-time visibility to help detect and remediate security issues.
8
The fourth pillar of Observability - Security
Tracking the three pillars of observability (metrics, logs, and traces) helps many businesses support the stability and performance of complex, distributed IT environments. Even the best-planned observability strategy is incomplete without the fourth pillar: security.
• Use the endless stream of telemetry data to identify security risks and vulnerabilities
• By leveraging the internal visibility observability provides, then overlaying it with security data, extend eyes and ears into every corner of the IT environment
• Established processes track and analyze the right telemetry data sources
9
The fourth pillar of Observability - Security
Access to a single source of truth
• Identify, analyze, and categorize suspicious patterns or anomalies.
• Security data (metadata from firewalls, threat detection, or traffic analyzers) is layered on top of telemetry data.
• Correlating the data sets grants deeper visibility and context to infer system health and security integrity. Viewing traffic spikes through a security data lens might unveil patterns indicating a brute-force attempt to access vital systems.
• Include full-stack integration with cloud-based applications, networks, databases, and third-party security tools or monitoring solutions to improve cross-functional collaboration across teams.
• Incorporate AIOps, machine learning, and intelligent modeling capabilities designed to automatically correlate vast data volumes and help teams spot security anomalies and areas of interest in real time.
• Cut through the noise and make more informed decisions by focusing on critical issues.
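The correlation the slide describes, a traffic spike read through a security-data lens, as an added example that is not part of the deck and not SolarWinds code. It joins a constructed per-minute connection metric for one host with constructed firewall/SSH authentication log lines, so that the spike is explained by the security data behind it: many failed logins from one source, and whether a success followed them. The host name, addresses, log format and thresholds are assumptions made for illustration.

```python
"""Correlating telemetry with security data to explain a traffic spike.

Added example: this is not code from the slide deck or from SolarWinds.
It joins a constructed per-minute connection-count metric for one host with
constructed firewall/SSH authentication log lines, so that a spike seen in
the telemetry is explained by the security data behind it (many failed
logins from one source, possibly followed by a success).  Host name, log
format, thresholds and addresses are assumptions made for illustration.
"""
from __future__ import annotations

import re
from collections import Counter, defaultdict
from statistics import median

# Constructed telemetry: inbound connections per minute to host "db-01".
# Minutes 7-9 carry a spike; the rest is normal background traffic.
CONNECTIONS = {0: 40, 1: 38, 2: 42, 3: 41, 4: 39, 5: 44, 6: 40,
               7: 310, 8: 420, 9: 290, 10: 43, 11: 41}

# Constructed security data: SSH auth results for db-01 as a firewall or
# syslog forwarder might deliver them.  Assumed format:
#   "<minute> <source_ip> <username> <ok|fail>"
AUTH_LOG = """\
5 10.0.0.5 alice ok
7 203.0.113.9 root fail
7 203.0.113.9 admin fail
7 203.0.113.9 oracle fail
8 203.0.113.9 root fail
8 203.0.113.9 postgres fail
8 198.51.100.4 bob ok
8 203.0.113.9 admin fail
9 203.0.113.9 root fail
9 203.0.113.9 test fail
9 203.0.113.9 root ok
10 10.0.0.5 alice ok
"""

LOG_RE = re.compile(r"^(\d+) (\S+) (\S+) (ok|fail)$")
SPIKE_FACTOR = 3.0   # a minute is a spike when above 3x the series median
MIN_FAILURES = 5     # failed logins from one source before calling it brute force


def spike_minutes(series: dict[int, int], factor: float = SPIKE_FACTOR) -> list[int]:
    """Minutes whose connection count exceeds factor x the median of the series."""
    if not series:
        return []
    base = median(series.values())
    return sorted(m for m, v in series.items() if v > factor * base)


def parse_auth_log(text: str) -> list[tuple[int, str, str, str]]:
    """Parse the assumed log format into (minute, source_ip, user, result)."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if m:  # lines that do not match the format are ignored, not fatal
            events.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return events


def correlate(series, log_text, factor=SPIKE_FACTOR, min_failures=MIN_FAILURES):
    """Explain spike minutes with the auth events that fall inside them.

    Returns one finding per source address that produced at least
    min_failures failed logins during the spike, with the usernames tried
    and whether a successful login from that source followed the failures
    (the case to treat as a probable compromise rather than noise).
    """
    minutes = spike_minutes(series, factor)
    window = set(minutes)
    failures: Counter[str] = Counter()
    users: defaultdict[str, set[str]] = defaultdict(set)
    success_after: dict[str, bool] = {}
    for minute, ip, user, result in sorted(parse_auth_log(log_text), key=lambda e: e[0]):
        if minute not in window:
            continue
        if result == "fail":
            failures[ip] += 1
            users[ip].add(user)
        elif failures[ip]:  # a success from a source that had already failed
            success_after[ip] = True
    findings = []
    for ip, n in failures.most_common():
        if n < min_failures:
            continue
        findings.append({
            "source": ip,
            "failures": n,
            "users": sorted(users[ip]),
            "spike_minutes": minutes,
            "success_after_failures": success_after.get(ip, False),
        })
    return findings


if __name__ == "__main__":
    for finding in correlate(CONNECTIONS, AUTH_LOG):
        print(finding)
```

A spike with no failed logins behind it produces no finding here; that is still an unexplained spike for operations to look at, which is why the metric and the security data belong on the same dashboard rather than in separate tools.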
10
The cost of a data breach in 2023
• The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over 3 years. In South Africa it was almost R50 million (Tech Central).
• 51% of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools.
• USD 1.76 million: the average savings for organizations that use security AI and automation extensively, compared to organizations that don't (IBM research).
• Estimated annual cost of cyber-attacks globally in 2024: USD 9.5 trillion, roughly R180 trillion (IBM research; a trillion is a 1 with 12 zeros after it, 1,000,000,000,000).
11
AI tools: opportunities or significant threats
Many of us have used ChatGPT and other AI tools over the past year. AI has exploded onto the digital landscape, and with its emergence come great opportunities and significant threats.
The power to use AI to automate and transform how we develop, operate and grow our businesses is the most significant digital transformation since the emergence of the internet. However, that very same power in the hands of cyber attackers means the threat level will increase and evolve into new and more invasive ways to penetrate cyber defenses.
12
Security ObservabilITy accessible to everyone
Cyber security needs to become accessible to everyone in the organization. It's ultimately about finding faults in systems and processes and closing the gaps that attackers can use to launch an attack.
Cyber execs need to be open and conduct a campaign within their businesses to ensure they deliver knowledge and transparency about the role of cyber.
13
Hybrid Cloud Observability—Designed for Your Needs
Built-in intelligence: anomaly detection, event correlation, remediation, auto-instrumented recommendations, automation
• Ensure compliance with automated configuration and change management and IP address management
• Ensure SLAs with end-to-end visibility to pinpoint performance issues
• Gain deep understanding of network paths across the entire delivery chain
• Automatically detect and track devices and manage switch ports
• Quickly understand your connected landscape
• Gain understanding of the application and the underlying layers upon which it depends
14
Critical Security Controls - CIS Controls
The 18 CIS Critical Security Controls
Formerly the SANS Critical Security Controls (SANS Top 20), these are now officially called the CIS Critical Security Controls (CIS Controls).
CIS defines the Controls by activities, rather than by who manages the devices. Physical devices, fixed boundaries, and discrete islands of security implementation are less important.
15
The 18 CIS Critical Security Controls
CIS Control 1: Inventory and Control of Enterprise Assets
CIS Control 2: Inventory and Control of Software Assets
CIS Control 3: Data Protection
CIS Control 4: Secure Configuration of Enterprise Assets and Software
CIS Control 5: Account Management
CIS Control 6: Access Control Management
CIS Control 7: Continuous Vulnerability Management
CIS Control 8: Audit Log Management
CIS Control 9: Email and Web Browser Protections
CIS Control 10: Malware Defenses
CIS Control 11: Data Recovery
CIS Control 12: Network Infrastructure Management
CIS Control 13: Network Monitoring and Defense
CIS Control 14: Security Awareness and Skills Training
CIS Control 15: Service Provider Management
CIS Control 16: Application Software Security
CIS Control 17: Incident Response Management
CIS Control 18: Penetration Testing
16
Security Is Everyone’s Responsibility
IDENTIFY: Systems. Assets. Data.
• Physical
• Virtual
• Network
• Software
• 3rd-party compliance
• User training/skills
DETECT: Timely discovery
• Firmware vulnerabilities
• Policy violations
• Security Event Manager
• Active Directory® stats
• ID Monitor
RESPOND: Intelligent actions
• Evidence-based assessments and reporting
• Security dashboard
• Risk metrics AR
• Address future risks
Security Observability is built to reduce the attack surface, manage access, and improve compliance. Proactive Security Observability provides real-time visibility to detect and remediate security issues:
• Helps ensure integrity across your infrastructure
• Helps reduce security risks and business disruptions
17
Security integration with Hybrid Cloud Observability
Security Observability = Hybrid Cloud Observability + Security integration
Gain visibility across your environments to reduce the mean time needed to detect, alert on, and remediate security incidents.
Protecting increasingly distributed and complex IT infrastructures by providing a secure
18
Full-Stack Observability Solution with Security
The solution gives you insights into the internal state of a system based on external behavior, with extensive reporting.
For better: visibility + alerting + investigation + efficiency
Security Observability pillars: traces, logs, metrics
Security integrations: infrastructure security, data security, cybersecurity, access control, vulnerability management and 3rd-party patch management, change management/ITSM, single pane of glass/one source of truth, compliance and audit reporting
• Greater control in complex distributed systems
• Seamless management
• Bird's-eye view to help resolve internal issues
19
Integration Approach
Built-In Intelligence
Problem: Customers with no security teams rely on IT administrators (and different tools) to identify security incidents in their infrastructure, network, applications, and data.
Solution: A single-pane-of-glass solution providing IT admins comprehensive visibility into their environment to help them reduce the mean time needed to detect, alert on, and remediate security incidents.
• Access Rights Manager: manage and audit access rights across your IT infrastructure
• Security Event Manager: improve your security posture and quickly demonstrate compliance
• Patch Manager: patch management software designed to quickly address software vulnerabilities
20
Security Observability: Security Integration for Hybrid Cloud Observability
With Security Observability:
• Cut through layers of virtualization, containerization, and fabric overlays to properly view your network
• Get real-time visibility to help detect, alert on, and remediate security incidents
• Monitor security and compliance status on a dedicated security dashboard
21
Summary Dashboards
Single-pane-of-glass solution designed to identify critical security issues; covers security-related events, metrics, and activities.
• Better understanding of the complexities within the environment
• Gain real-time visibility to help detect and remediate security issues
• View security events, firmware vulnerabilities, policy violations, risk assessments, and more in a single dashboard
22
Benefits of Security Observability
Security integration for Hybrid Cloud Observability
This integration combines security-related events, metrics, and activities with the other data in Hybrid Cloud Observability. Some of the key benefits of this security integration include:
• Remove internal silos and have complete control
• Gain insights into the entire internal state of a complex distributed environment
• Reduce the time it takes to identify security issues
• Understand the security posture of the environment
23
What can be added to the Security Observability Dashboard: Active Endpoint Deception Platform and Malware Defenses
Protects against ransomware, malware, and unknown threats. Mitigate ransomware in seconds, before any data is exfiltrated or encrypted.
Alert and dashboard integration
24
What can be added to the Security Observability Dashboard: Third-Party Security Risk Management
• Evaluate new vendors
• Close their cyber gaps
• Continuously monitor their cyber posture
Alert integration
25
What can be added to the Security Observability Dashboard: Identity Monitoring
Proactively protect digital identities with a robust technology ecosystem that promotes maximum extensibility. Uncover threats to your organization such as malware-infected employee devices, stolen session cookies, and recency of breach exposures.
Alert integration
26
Secured Security Observability
Detection of Anomalies: By monitoring system behaviour and performance metrics, observability tools can detect anomalies that may indicate security breaches or unauthorized access. For example, unexpected spikes in network traffic or unusual patterns in user behaviour could signal a potential security threat.
Incident Response: In the event of a security incident, observability tools provide valuable data for incident response and investigation. Security teams can quickly identify the source of the incident, understand its impact, and take appropriate action to contain and remediate the threat.
Forensic Analysis: Observability enables detailed forensic analysis by providing a comprehensive view of system activities leading up to and during a security incident. This information is crucial for understanding the root cause of the incident, identifying vulnerabilities, and implementing measures to prevent future attacks.
Visibility into Cloud Environments: With the increasing adoption of cloud services, maintaining visibility into cloud environments is essential for ensuring security. Observability tools designed for cloud environments can monitor and analyze cloud-native logs, metrics, and events, helping organizations detect and respond to security threats effectively.
Compliance Monitoring: Many regulatory requirements mandate the monitoring and auditing of system activities for security compliance. Observability tools can help organizations demonstrate compliance by providing detailed logs and audit trails that document security-related events and activities.
Threat Hunting: Observability enables proactive threat hunting by allowing security teams to analyze historical data and search for indicators of compromise or suspicious behaviour. By continuously monitoring system activity and analyzing data trends, organizations can identify and mitigate security risks before they escalate into full-blown incidents.
Real-time Alerting: Observability tools can be configured to generate real-time alerts for security events that require immediate attention. By alerting security teams to potential threats as they occur, organizations can respond promptly and minimize the impact of security incidents.
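The "Detection of Anomalies" and "Real-time Alerting" points above, as an added example that is not part of the deck and not SolarWinds code. A constructed requests-per-minute series for one service is scored against the median and median absolute deviation (MAD) of the trailing samples, so a single outlier does not drag the baseline the way a mean and standard deviation would. Consecutive anomalous samples on the same entity are folded into one open alert, and a short cooldown keeps a brief dip inside a spike from raising a second notification, which is the alert-fatigue problem the earlier slides call out. Entity name, window size and thresholds are assumptions made for illustration.

```python
"""Anomaly detection on a metric with a rolling robust baseline, plus alert folding.

Added example: this is not code from the slide deck or from SolarWinds.
A constructed requests-per-minute series for one service is scored against
the median and median absolute deviation (MAD) of the trailing samples, so
one outlier does not drag the baseline the way a mean and standard deviation
would.  Consecutive anomalous samples on the same entity are folded into a
single open alert, and a short cooldown keeps a brief dip inside a spike from
producing a second notification.  Entity name, window size and thresholds are
assumptions made for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from statistics import median

WINDOW = 10        # trailing samples that form the baseline
THRESHOLD = 6.0    # |robust z-score| at or above which a sample is anomalous
COOLDOWN = 3       # normal samples needed before an open alert is closed
MIN_HISTORY = 5    # do not score until this many samples are available

# Constructed metric: requests per minute for "api-gw"; samples 12-14 are a spike.
REQUESTS_PER_MINUTE = [100, 103, 98, 101, 99, 102, 100, 97, 104, 101, 99, 102,
                       400, 450, 420, 100, 98, 101, 103, 99, 102]


def robust_score(value: float, history: list[float]) -> float:
    """Robust z-score of value against history: (value - median) / (1.4826 * MAD).

    1.4826 scales the MAD to a standard deviation for normal data.  A MAD of
    zero (flat history) falls back to a scale of 1.0 so a change still scores.
    """
    if len(history) < MIN_HISTORY:
        return 0.0
    base = median(history)
    mad = median(abs(x - base) for x in history)
    scale = 1.4826 * mad if mad > 0 else 1.0
    return (value - base) / scale


@dataclass
class Alert:
    entity: str
    start: int          # index of the first anomalous sample
    end: int            # index of the latest anomalous sample
    peak_value: float
    peak_score: float
    samples: int = 1    # anomalous samples folded into this alert


@dataclass
class Detector:
    window: int = WINDOW
    threshold: float = THRESHOLD
    cooldown: int = COOLDOWN
    history: dict[str, list[float]] = field(default_factory=dict)
    open_alerts: dict[str, Alert] = field(default_factory=dict)
    quiet: dict[str, int] = field(default_factory=dict)   # normal samples since last anomaly
    alerts: list[Alert] = field(default_factory=list)     # every alert opened, in order

    def ingest(self, entity: str, index: int, value: float) -> Alert | None:
        """Score one sample against the entity's trailing window, then fold it in."""
        hist = self.history.setdefault(entity, [])
        score = robust_score(value, hist)
        hist.append(value)
        del hist[:-self.window]          # keep only the trailing window
        return self.record(entity, index, value, score)

    def record(self, entity: str, index: int, value: float, score: float) -> Alert | None:
        """Apply the folding rules to a scored sample.

        Returns the Alert when a new notification should go out; returns None
        when the sample extends an open alert or is normal.
        """
        if abs(score) >= self.threshold:
            self.quiet[entity] = 0
            alert = self.open_alerts.get(entity)
            if alert is not None:            # still inside an open alert: extend it
                alert.end = index
                alert.samples += 1
                if abs(score) > abs(alert.peak_score):
                    alert.peak_score, alert.peak_value = score, value
                return None
            alert = Alert(entity, index, index, value, score)
            self.open_alerts[entity] = alert
            self.alerts.append(alert)
            return alert
        if entity in self.open_alerts:       # normal sample: count toward cooldown
            self.quiet[entity] = self.quiet.get(entity, 0) + 1
            if self.quiet[entity] >= self.cooldown:
                del self.open_alerts[entity]
        return None


def run(series: list[float], entity: str = "api-gw") -> list[Alert]:
    """Stream a whole series through a fresh Detector and return its alerts."""
    det = Detector()
    for index, value in enumerate(series):
        det.ingest(entity, index, value)
    return det.alerts


if __name__ == "__main__":
    for a in run(REQUESTS_PER_MINUTE):
        print(f"{a.entity}: samples {a.start}-{a.end} ({a.samples} anomalous), "
              f"peak {a.peak_value} score {a.peak_score:.1f}")
```

On the constructed series the three spike samples produce a single alert rather than three. The baseline is deliberately short so the spike itself soon enters the window; with a median/MAD baseline that does not suppress the next anomaly the way a mean-based one would, because three outliers in ten samples barely move the median.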
27
Cyber security is a business problem
Cyber security is a business problem that can affect every aspect of your company. Too often, we do not see cyber experts taking their place in the boardroom.
One strategy is to assume breach (read our white paper). This is a crucial strategic move towards ensuring you can plan for and respond effectively if and when facing a cyber threat.
28
Companies tend to over-purchase cyber products before developing a coherent cyber strategy. Having a range of solutions from the endless ecosystem of products does not necessarily mean you are protected. Attackers actually thrive on this fault line, where a hotchpotch of differing solutions is deployed across an organization.
Use 2024 as a year to review, optimize and rationalize your cyber tech stack. Take the time to assess whether the solutions are correctly deployed, analyze whether the products meet current and future threats, and take into account the legal and regulatory requirements. This will help you determine whether the solutions in place are needed and outline areas to strengthen your defences.
Develop a range of activities for activating, implementing, and managing your cyber defence: like a meal, not just one course but many small courses that make up the whole.
29
If you can't see IT, you can't monITor IT, and you can't defend IT.
UnITy
SecurITy
Security ObservabilITy
30
We call it security simplified: monitor, prevent, solve
• Protect infrastructure from external threats
• Protect systems by keeping them up to date
• Protect data by monitoring user access rights
• Protect email by monitoring exposure from data breaches
• Protect employees through simulation and training (new SOC training)
• Protect the supply chain through 3rd-party security management: manage and monitor the supply chain
• Protect endpoints with the Active Endpoint Deception platform
31
SolarWinds Hybrid Cloud Observability
Offering flexibility and choice in your transformation journey
Editions: Hybrid Cloud Observability Essentials and Hybrid Cloud Observability Advanced
Standard (up to 1,000 nodes), included in both Essentials and Advanced:
• Infrastructure, network, and application performance observability
• Physical and virtual hosts, device, and VoIP monitoring
• Application-centric database monitoring
• Automated discovery and dependency mapping
• Historical and real-time dashboards and customizable reporting
• IP address management and log management and analysis
• Metric and event correlation
• Distributed polling for remote environments
• Flexible licensing—buy one license and divide nodes how you want
Standard, Advanced only:
• AIOps anomaly detection and alert clusters
• Security observability with Security Event Manager and Access Rights Manager integration
• Network flow and bandwidth observability
• Virtualization performance management
• Configuration management for networks, servers, and applications
Enterprise Scale (500 nodes and larger), included in both Essentials and Advanced:
• Additional polling engines (APEs)
• High availability
• Additional web servers
• Enterprise Operations Console
• Lab license
• Premier Support
32
THANK YOU
More Related Content

PDF
Trailblazers of Cybersecurity The Visionary Leaders Driving Innovation.pdf
PPTX
Government and Education Webinar: How the New Normal Could Improve your IT Op...
PPTX
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
PPTX
Government Webinar: Improving Security Compliance with IT Monitoring Tools
DOCX
Hot Cyber Security Technologies
PPTX
Webinar: Real IT Compliance with SolarWinds
PPTX
Unc charlotte prezo2016
PPTX
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
Trailblazers of Cybersecurity The Visionary Leaders Driving Innovation.pdf
Government and Education Webinar: How the New Normal Could Improve your IT Op...
Government and Education Webinar: How to Reduce Vulnerabilities and Harden yo...
Government Webinar: Improving Security Compliance with IT Monitoring Tools
Hot Cyber Security Technologies
Webinar: Real IT Compliance with SolarWinds
Unc charlotte prezo2016
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez

Similar to Glenn Lazarus- Why Your Observability Strategy Needs Security Observability (20)

PPTX
Government and Education Webinar: Successfully Migrating Applications to the ...
PDF
110307 cloud security requirements gourley
PPTX
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
PPTX
Practical analytics hands-on to cloud & IoT cyber threats
PDF
Daniel Grabski | Microsofts cybersecurity story
PPSX
Cloud monitoring - An essential Platform Service
PPTX
Netskope — Shadow IT Is A Good Thing
PPTX
pbc_devsecops_eastereggs.2022oct06.jt.pptx
PPTX
Wall-Street Technology Association (WSTA) Feb-2012
PPTX
WSTA Breakfast Seminar
PPTX
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
PPTX
Cloud Security in 2025_ Top Challenges, Daily Risks & Key Threats You Need to...
PDF
The future of cyber security
PPTX
SolarWinds IT Security Survey - February 2013
PDF
Cybersecurity Challenges - Identifying Key Threats and Trends.pdf
PPTX
Security perspective -human factor
PPTX
SAM05_Barber PW (7-9-15)
PPTX
2024 Most Influential Cyber Security Technologies_ A Detailed Recap.pptx
PDF
br-security-connected-top-5-trends
PDF
How to Enable, Monitor, and Secure Your Remote Workforce
Government and Education Webinar: Successfully Migrating Applications to the ...
110307 cloud security requirements gourley
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
Practical analytics hands-on to cloud & IoT cyber threats
Daniel Grabski | Microsofts cybersecurity story
Cloud monitoring - An essential Platform Service
Netskope — Shadow IT Is A Good Thing
pbc_devsecops_eastereggs.2022oct06.jt.pptx
Wall-Street Technology Association (WSTA) Feb-2012
WSTA Breakfast Seminar
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Cloud Security in 2025_ Top Challenges, Daily Risks & Key Threats You Need to...
The future of cyber security
SolarWinds IT Security Survey - February 2013
Cybersecurity Challenges - Identifying Key Threats and Trends.pdf
Security perspective -human factor
SAM05_Barber PW (7-9-15)
2024 Most Influential Cyber Security Technologies_ A Detailed Recap.pptx
br-security-connected-top-5-trends
How to Enable, Monitor, and Secure Your Remote Workforce
Ad

More from itnewsafrica (20)

PDF
VVuyo Mpako- Managing Director of NEXT176 at Old Mutual
PDF
Paul Spagnoletti- Revenue Executive at Synthesis
PDF
Rufaida Hamilton- Head of Payments from Standard Bank
PDF
Marina Short- CEO, Consumer Profile Bureau
PDF
Jacques Coetzer- Chief Technology Officer at Risk X Group
PDF
George Prinsloo- Account Executive at DocFusion
PDF
Erika More- Sage Intacct Director, AME at Sage
PDF
Bradwin Roper- Chief of Payments Partnerships at JUMO
PDF
Adesoji Solanke, Director, Head of FinTech & Banks, Investment Banking Origin...
PPTX
Innovate for Impact and Inclusion using AI.
PDF
Empowering IT Teams: Overcoming Skills Gap with Talent Development and Automa...
PPTX
Harnessing Data-Driven Customer Experience- Leveraging Analytics for Personal...
PPTX
AI ETHICS AND RESPONSIBILITY- What would you do?
PDF
he Role of Social Media in Digital Retail Marketing
PPTX
Online Retail Fraud and Policy Abuse: Strategies for Prevention and Protection
PPTX
Travel to the Futute- Top industry trends & innovation driving the next 5 years
PPTX
Regulatory Challenges and Opportunities in Digital Retail
PPTX
Leveraging Traceability and Data Integrity to Drive Transparency and Sustaina...
PDF
Empowering Digital Finance with OADC & WIOCC
PPTX
Ravesh Premlal Komal- Empowering Micro Lending in the Digital Age.
VVuyo Mpako- Managing Director of NEXT176 at Old Mutual
Paul Spagnoletti- Revenue Executive at Synthesis
Rufaida Hamilton- Head of Payments from Standard Bank
Marina Short- CEO, Consumer Profile Bureau
Jacques Coetzer- Chief Technology Officer at Risk X Group
George Prinsloo- Account Executive at DocFusion
Erika More- Sage Intacct Director, AME at Sage
Bradwin Roper- Chief of Payments Partnerships at JUMO
Adesoji Solanke, Director, Head of FinTech & Banks, Investment Banking Origin...
Innovate for Impact and Inclusion using AI.
Empowering IT Teams: Overcoming Skills Gap with Talent Development and Automa...
Harnessing Data-Driven Customer Experience- Leveraging Analytics for Personal...
AI ETHICS AND RESPONSIBILITY- What would you do?
he Role of Social Media in Digital Retail Marketing
Online Retail Fraud and Policy Abuse: Strategies for Prevention and Protection
Travel to the Futute- Top industry trends & innovation driving the next 5 years
Regulatory Challenges and Opportunities in Digital Retail
Leveraging Traceability and Data Integrity to Drive Transparency and Sustaina...
Empowering Digital Finance with OADC & WIOCC
Ravesh Premlal Komal- Empowering Micro Lending in the Digital Age.
Ad

Recently uploaded (20)

PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
PDF
Network Security Unit 5.pdf for BCA BBA.
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
PPTX
MYSQL Presentation for SQL database connectivity
DOCX
The AUB Centre for AI in Media Proposal.docx
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
PPTX
Understanding_Digital_Forensics_Presentation.pptx
PDF
KodekX | Application Modernization Development
PDF
Unlocking AI with Model Context Protocol (MCP)
PDF
Electronic commerce courselecture one. Pdf
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
PDF
Chapter 3 Spatial Domain Image Processing.pdf
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
PDF
Approach and Philosophy of On baking technology
PPT
Teaching material agriculture food technology
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Network Security Unit 5.pdf for BCA BBA.
Advanced methodologies resolving dimensionality complications for autism neur...
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
Digital-Transformation-Roadmap-for-Companies.pptx
MYSQL Presentation for SQL database connectivity
The AUB Centre for AI in Media Proposal.docx
Agricultural_Statistics_at_a_Glance_2022_0.pdf
Understanding_Digital_Forensics_Presentation.pptx
KodekX | Application Modernization Development
Unlocking AI with Model Context Protocol (MCP)
Electronic commerce courselecture one. Pdf
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
Chapter 3 Spatial Domain Image Processing.pdf
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
Approach and Philosophy of On baking technology
Teaching material agriculture food technology
Dropbox Q2 2025 Financial Results & Investor Presentation

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability

  • 1. 1 @solarwinds Why Your ObservabilITy Strategy Needs Security ObservabilITy! Glenn Lazarus CEO ATS Network Management
  • 2. 2 @solarwinds 2 @solarwinds TO HARNESS NEW GROWTH OPPORTUNITIES, ORGANIZATIONS ARE DOING THE FOLLOWING: HOWEVER, SEVERE CHALLENGES ABOUND: Leveraging multi-cloud deployments Modernizing operations, apps, and databases Supporting increasingly remote work Stagnant IT budgets and resource constraints Complexity, security, and productivity challenges Stringent uptime and service-level agreement (SLA) requirements Digital Transformation Is Accelerating Across Organizations of All Sizes
  • 3. 3 @solarwinds Technology Landscapes Powering Transformation Are Increasingly Complex Information silos and tool sprawl High risk and cost Manual root cause analysis Poor service delivery Low productivity 1 ’ 1 ’ 1 ’ 1 ’ 100s 100s 1,000s 100s INFRAST RUCTURE NODES APPLICATIONS DATABASES CLOUD SERVICES Note: Example of a single environment for an upper-mid-market customer. Modernization of apps and databases DevOps, CloudOps, and AIOps teams Infrastructure as a service (IaaS), SD-WAN, secure access service edge (SASE) Hybrid and multi-cloud and cloud-native Data Center 1 Data Center 2 Branch Office Network Vendor Tool Network Vendor Tool Network Vendor Tool Network Vendor Tool Network Vendor Tool App Vendor Tool App Vendor Tool Free Cloud Tool Open-Source Tool User Vendor Tool Customers, partners, and employees SaaS Hardware Vendor Tool Hardware Vendor Tool Cloud
  • 4. 4 @solarwinds Limited visibility across the technology stack Customer Challenges Tool sprawl requires staff to develop and maintain skills in different operating environments Multiple information sources add complexity and time to issue resolution, leading to operational inefficiencies Businesses services distributed across hybrid cloud environments present unique challenges for troubleshooting, optimization, and security Too many alerts can cause fatigue or be ignored, putting customer and end-user experience at risk Missed SLAs and service-level objectives (SLOs) can result in additional costs through fines Need greater control over complex systems
  • 5. 5 @solarwinds Evolve from reactive monitoring of WHAT has happened Historically(more like yesterday) proactive observability into WHY something is happening and gain actionable insights Monitoring Is the Foundation for Observability to
  • 7. 7 @solarwinds Simplify and extend Hybrid Cloud Observability Eliminate tool sprawl Gain a unified solution with single-pane-of-glass monitoring and actionable intelligence to help expedite problem resolution and enable proactive management across hybrid environments. Reduce alert fatigue and risk Correlate problems that happened simultaneously on related devices with customizable alerts to help enable faster remediation, reduce alert fatigue, and increase automation. Gain deployment flexibility Drive growth initiatives with flexible licensing, enabling you to purchase the nodes you need and deploy however you need in your environment. Further your cloud modernization efforts with flexible deployment options on-premises or self-hosted in the cloud. Be cloud-ready Comprehensive observability across Hybrid Cloud Observability, empowering you to integrate today and evolve as your business needs dictate. Security Help organizations better understand the complex vulnerabilities within their environments while providing real-time visibility to help detect and remediate security issues.
  • 8. 8 @solarwinds Tracking the three pillars of observability— metrics, logs, and traces Use the endless stream of telemetry data to identify security risks and vulnerabilities Even the best-planned observability strategy is incomplete without the fourth pillar - security By leveraging the internal visibility observability provides then overlaying it with security data, extend eyes and ears into every corner of the IT environment Established processes track and analyze the right telemetry data sources! The strategy helps many businesses support the stability and performance of complex, distributed IT environments The fourth pillar of Observability -Security
  • 9. 9 @solarwinds Identify, analyze, and categorize suspicious patterns or anomalies. Security data (metadata from firewalls, threat detection, or traffic analyzers layered on top of telemetry data). Correlating data sets can grant deeper visibility and context to infer system health and security integrity. Viewing traffic spikes through a security data lens might unveil patterns indicating a brute-force attempt to access vital systems. Include full-stack integration with cloud-based applications, networks, databases, and third-party security tools or monitoring solutions to improve cross-functional collaboration and ensure teams ’ c b fy c u f u •Incorporate AIOps, machine learning, and intelligent modeling capabilities designed to automatically correlate vast data volumes and help teams spot security anomalies and areas of interest in real time. •Cut through the noise and make more informed decisions by focusing on critical issues. Access to a single source of truth The fourth pillar of Observability -Security
  • 10. 10 @solarwinds The cost of a data breach in 2023
  - The global average cost of a data breach in 2023 was USD 4.45 million, a 15% increase over 3 years. In South Africa it was almost R50 million (Tech Central).
  - 51% of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools.
  - USD 1.76 million: the average savings for organizations that use security AI and automation extensively is USD 1.76 million compared to organizations that don't (IBM research).
  - Estimated annual cost of cyber-attacks globally in 2024 (USD): $9.5 trillion (IBM research). A trillion is a 1 with 12 zeros after it, represented as 1,000,000,000,000. In Rand: 180,000,000,000,000.
  • 11. 11 @solarwinds AI tools: opportunities or significant threats?
  Many of us have used ChatGPT and other AI tools over the past year. AI has exploded onto the digital landscape, and with its emergence come great opportunities and significant threats. The power to use AI to automate and transform how we develop, operate, and grow our businesses is the most significant digital transformation since the emergence of the internet. However, that very same power in the hands of cyber attackers means the threat level will increase and evolve into new and more invasive ways to penetrate cyber defenses.
  • 12. 12 @solarwinds Security ObservabilITy accessible to everyone
  Cyber security needs to become accessible to everyone in the organization. It's ultimately about finding faults in systems and processes and closing the gaps that attackers can use to mount an attack. Cyber execs need to be open and conduct a campaign within their businesses to ensure they deliver knowledge and transparency about the role of cyber.
  • 13. 13 @solarwinds Hybrid Cloud Observability—Designed for Your Needs
  Built-in intelligence: Anomaly detection, Event correlation, Remediation, Auto-instrumented recommendations, Automation
  - Ensure compliance with automated configuration and change management and IP address management
  - Ensure SLAs with end-to-end visibility to pinpoint performance issues
  - Gain deep understanding of network paths across the entire delivery chain
  - Automatically detect and track devices and manage switch ports
  - Quickly understand your connected landscape
  - Gain understanding of the application and the underlying layers upon which it depends
  • 14. 14 @solarwinds Critical Security Controls - CIS Controls
  The 18 CIS Critical Security Controls: formerly the SANS Critical Security Controls (SANS Top 20), these are now officially called the CIS Critical Security Controls (CIS Controls). CIS defines the Controls by activities rather than by who manages the devices: physical devices, fixed boundaries, and discrete islands of security implementation are less important.
  • 15. 15 @solarwinds The 18 CIS Critical Security Controls
  - CIS Control 1: Inventory and Control of Enterprise Assets
  - CIS Control 2: Inventory and Control of Software Assets
  - CIS Control 3: Data Protection
  - CIS Control 4: Secure Configuration of Enterprise Assets and Software
  - CIS Control 5: Account Management
  - CIS Control 6: Access Control Management
  - CIS Control 7: Continuous Vulnerability Management
  - CIS Control 8: Audit Log Management
  - CIS Control 9: Email and Web Browser Protections
  - CIS Control 10: Malware Defenses
  - CIS Control 11: Data Recovery
  - CIS Control 12: Network Infrastructure Management
  - CIS Control 13: Network Monitoring and Defense
  - CIS Control 14: Security Awareness and Skills Training
  - CIS Control 15: Service Provider Management
  - CIS Control 16: Application Software Security
  - CIS Control 17: Incident Response Management
  - CIS Control 18: Penetration Testing
  • 16. 16 @solarwinds Security Is Everyone’s Responsibility
  IDENTIFY (Systems. Assets. Data.): Physical; Virtual; Network; Software; 3rd Party compliance; User training/Skills
  DETECT (Timely Discovery): Firmware vulnerabilities; Policy violations; Security Event Manager; Active Directory® stats; ID Monitor
  RESPOND (Intelligent Actions): Evidence-based assessments and reporting; Security dashboard; Risk metrics; AR; Address future risks
  Security Observability is built to reduce the attack surface, manage access, and improve compliance. Proactive Security Observability provides real-time visibility to detect and remediate security issues:
  - Helps ensure integrity across your infrastructure
  - Helps reduce security risks and business disruptions
  • 17. 17 @solarwinds Security integration with Hybrid Cloud Observability
  Security Observability = Hybrid Cloud Observability + Security integration
  Gain visibility across your environments to reduce the mean time needed to detect, alert on, and remediate security incidents. Protecting increasingly distributed and complex IT infrastructures by providing a secure
  • 18. 18 @solarwinds Full-Stack Observability Solution with Security
  The solution gives you insights into the internal state of a system based on external behavior, with extensive reporting. For better: Visibility + Alerting + Investigation + Efficiency.
  Security Observability (Traces, Logs, Metrics) covers: Infrastructure security; Data security; Cybersecurity; Access control; Vulnerability management + 3rd Party Patch management; Change management/ITSM; Single pane of glass / 1 source of truth; Compliance and audit reporting.
  - Greater control in complex distributed systems
  - Seamless management
  - Bird’s-eye view to help resolve internal issues
  • 19. 19 @solarwinds Integration Approach
  Built-In Intelligence:
  - Access Rights Manager: Manage and audit access rights across your IT infrastructure
  - Security Event Manager: Improve your security posture and quickly demonstrate compliance
  - Patch Manager: Patch management software designed to quickly address software vulnerabilities
  Problem: Customers with no security teams rely on IT administrators (and different tools) to identify security incidents in their infrastructure, network, applications, and data.
  Solution: A single-pane-of-glass solution providing IT admins comprehensive visibility into their environment to help them reduce the mean time needed to detect, alert on, and remediate security incidents.
  • 20. 20 @solarwinds Security Observability: Security Integration for Hybrid Cloud Observability
  With Security Observability:
  - Cut through layers of virtualization, containerization, and fabric overlays to properly view your network
  - Get real-time visibility to help detect, alert on, and remediate security incidents
  - Monitor security and compliance status on a dedicated security dashboard
  • 21. 21 @solarwinds Summary Dashboards
  Covers security-related events, metrics, and activities. A single-pane-of-glass solution designed to identify critical security issues:
  - Better understanding of the complexities within the environment
  - Gain real-time visibility to help detect and remediate security issues
  - View security events, firmware vulnerabilities, policy violations, risk assessments, and more in a single dashboard
  • 22. 22 @solarwinds Benefits of Security Observability: Security integration for Hybrid Cloud Observability
  This integration combines security-related events, metrics, and activities with the other data in Hybrid Cloud Observability. Some of the key benefits of this security integration include:
  - Remove internal silos and have complete control
  - Gain insights into the entire internal state of a complex distributed environment
  - Reduce the time it takes to identify security issues
  - Understand the security posture of the environment
  • 23. 23 @solarwinds What can be added: Security Observability Dashboard
  Active Endpoint Deception Platform and Malware Defenses: Protects against ransomware, malware, and unknown threats. Mitigate ransomware in seconds, before any data is exfiltrated or encrypted. Alert and dashboard integration.
  • 24. 24 @solarwinds What can be added: Security Observability Dashboard
  Third-Party Security Risk Management: Evaluate new vendors, close their cyber gaps, and continuously monitor their cyber posture. Alert.
  • 25. 25 @solarwinds What can be added: Security Observability Dashboard
  Identity Monitoring: Proactively protect digital identities with a robust technology ecosystem that promotes maximum extensibility. Uncover threats to your organization like malware-infected employees, stolen session cookies, and recency of breach exposures. Alert.
  • 26. 26 @solarwinds Secured Security Observability
  - Detection of Anomalies: By monitoring system behaviour and performance metrics, observability tools can detect anomalies that may indicate security breaches or unauthorized access. For example, unexpected spikes in network traffic or unusual patterns in user behaviour could signal a potential security threat.
  - Incident Response: In the event of a security incident, observability tools provide valuable data for incident response and investigation. Security teams can quickly identify the source of the incident, understand its impact, and take appropriate action to contain and remediate the threat.
  - Forensic Analysis: Observability enables detailed forensic analysis by providing a comprehensive view of system activities leading up to and during a security incident. This information is crucial for understanding the root cause of the incident, identifying vulnerabilities, and implementing measures to prevent future attacks.
  - Visibility into Cloud Environments: With the increasing adoption of cloud services, maintaining visibility into cloud environments is essential for ensuring security. Observability tools designed for cloud environments can monitor and analyze cloud-native logs, metrics, and events, helping organizations detect and respond to security threats effectively.
  - Compliance Monitoring: Many regulatory requirements mandate the monitoring and auditing of system activities for security compliance. Observability tools can help organizations demonstrate compliance by providing detailed logs and audit trails that document security-related events and activities.
  - Threat Hunting: Observability enables proactive threat hunting by allowing security teams to analyze historical data and search for indicators of compromise or suspicious behaviour. By continuously monitoring system activity and analyzing data trends, organizations can identify and mitigate security risks before they escalate into full-blown incidents.
  - Real-time Alerting: Observability tools can be configured to generate real-time alerts for security events that require immediate attention. By alerting security teams to potential threats as they occur, organizations can respond promptly and minimize the impact of security incidents.
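The correlation described on slide 9 (a traffic spike viewed through a security-data lens) and the anomaly detection and real-time alerting on slide 26, as an added example that is not part of the original deck or of any SolarWinds product: the per-minute connection counts, firewall log lines, host names and addresses are all constructed, and the robust z-score threshold and minimum failure count are assumed tuning values.

```python
import re
import statistics
from collections import Counter

# Constructed per-minute connection counts to a VPN gateway (the metric stream).
CONN_PER_MINUTE = {"09:00": 42, "09:01": 45, "09:02": 40, "09:03": 44,
                   "09:04": 43, "09:05": 410, "09:06": 395}

# Constructed firewall log lines (the security metadata) for the same window.
FIREWALL_LOGS = """\
09:04 fw01 AUTH_OK src=10.0.4.7 user=alice
09:05 fw01 AUTH_FAIL src=203.0.113.9 user=admin
09:05 fw01 AUTH_FAIL src=203.0.113.9 user=root
09:05 fw01 AUTH_FAIL src=203.0.113.9 user=svc_backup
09:05 fw01 AUTH_OK src=10.0.4.7 user=alice
09:06 fw01 AUTH_FAIL src=203.0.113.9 user=administrator
09:06 fw01 AUTH_FAIL src=203.0.113.9 user=test
""".splitlines()

LOG_RE = re.compile(r"^(\S+) \S+ (AUTH_FAIL|AUTH_OK) src=(\S+) user=(\S+)$")

def spike_minutes(series, threshold=3.5):
    """Minutes whose count is an outlier by robust z-score (median and MAD); median/MAD
    rather than mean/stdev so the spikes cannot inflate the baseline and mask each other."""
    values = list(series.values())
    med = statistics.median(values)
    mad = statistics.median([abs(v - med) for v in values]) or 1.0  # flat baseline: floor at 1
    return [m for m, v in series.items() if 0.6745 * (v - med) / mad > threshold]

def auth_failures(lines):
    """Count AUTH_FAIL events per (minute, source address) from firewall log lines."""
    fails = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m and m.group(2) == "AUTH_FAIL":
            fails[(m.group(1), m.group(3))] += 1
    return fails

def brute_force_alerts(series, lines, min_failures=3):
    """Alert only where a traffic spike coincides with repeated authentication failures
    from one source: the spike alone is a performance signal, the overlay makes it a security one."""
    spikes = set(spike_minutes(series))
    return [{"minute": minute, "src": src, "failures": n,
             "connections": series[minute]}
            for (minute, src), n in auth_failures(lines).items()
            if minute in spikes and n >= min_failures]

if __name__ == "__main__":
    for alert in brute_force_alerts(CONN_PER_MINUTE, FIREWALL_LOGS):
        print("SUSPECTED BRUTE FORCE", alert)
```

With the constructed data, both spike minutes are performance anomalies, but only 09:05 carries enough failed logins from one source to become a security alert; lowering `min_failures` to 2 would also surface 09:06.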
  • 27. 27 @solarwinds Cyber security is a business problem
  Cyber security is a business problem that can affect every aspect of your company. Too often, we do not see cyber experts taking their place in the boardroom. One strategy is to assume breach (read our white paper). This is a crucial strategic move towards ensuring you can plan for and respond effectively if and when facing a cyber threat.
  • 28. 28 @solarwinds Companies tend to over-purchase cyber products before developing a coherent cyber strategy. Having a range of solutions from the endless ecosystem of products does not necessarily mean you are protected. Attackers thrive on this fault line, where a hotchpotch of differing solutions is deployed across an organization. Use 2024 as a year to review, optimize, and rationalize your cyber tech stack. Take the time to assess whether the solutions are correctly deployed, analyze whether the products meet current and future threats, and take into account the legal and regulatory requirements. This will help you determine whether the solutions in place are needed and outline areas to strengthen your defences. Develop the various activities for activating, implementing, and managing your cyber defence, i.e. like food: not just one course but many small courses that make up the entire meal.
  • 29. 29 @solarwinds If you can't see IT, you can't MonITor IT, and you can't defend IT. UnITy SecurITy Security ObservabilITy to
  • 30. 30 @solarwinds We call it security simplified: Solve, Monitor, Prevent
  - Protect infrastructure from external threats
  - Protect systems by keeping them up-to-date
  - Protect data by monitoring user access rights
  - Protect email by monitoring exposure from data breaches
  - Protect employees with simulation and training (new SOC training)
  - Protect the supply chain: 3rd Party Security Management to manage and monitor the supply chain
  - Protect endpoints with the Active Endpoint Deception platform
  • 31. 31 @solarwinds Offering flexibility and choice in your transformation journey
  SolarWinds Hybrid Cloud Observability editions: Essentials and Advanced
  Standard (up to 1,000 nodes), included in both Essentials and Advanced:
  - Infrastructure, network, and application performance observability
  - Physical and virtual hosts, device, and VoIP monitoring
  - Application-centric database monitoring
  - Automated discovery and dependency mapping
  - Historical and real-time dashboards and customizable reporting
  - IP address management and log management and analysis
  - Metric and event correlation
  - Distributed polling for remote environments
  - Flexible licensing—buy one license and divide nodes how you want
  Advanced only:
  - AIOps anomaly detection and alert clusters
  - Security observability with Security Event Manager and Access Rights Manager integration
  - Network flow and bandwidth observability
  - Virtualization performance management
  - Configuration management for networks, servers, and applications
  Enterprise Scale (500 nodes and larger), included in both Essentials and Advanced:
  - Additional polling engines (APEs)
  - High availability
  - Additional web servers
  - Enterprise Operations Console
  - Lab license
  - Premier Support